Permanently block apk updating

All you need to do is: decompile apk, change code version of apk, compile again and sign with already not original key.

  1. apktool d app.apk
  2. open folder, find yml file, open it and change versionCode to i.e
  3. apktool b app folder
  4. output will be in app folder / dist folder
  5. use this command to sign app, instead you will not be able to install it
    jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name

    i.e.

    jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore "C:\Users\Me\.android\debug.keystore" app.apk androiddebugkey

     

  6. Done.

Information:

  1. jarsigner is placed in java pathfolder
  2. debug.keystore should be created first time when running own project in android studio

Attachment: apk tool

Where android apps are stored?

Here is a very good answer:

Where an app is stored very much depends on several criteria:

  • System apps / pre-installed-bloatware-apps are stored in /system/app with privileged apps in /system/priv-app (which are mounted read-only to prevent any changes)
  • normal apps in internal memory go to /data/app
  • some apps (encrypted on internal storage?) go to /data/app-private
  • Apps stored on external memory go to an encrypted container in /mnt/sdcard/.android_secure. As at runtime Android needs them to be decrypted, it will decrypt them and store a decrypted copy on tmpfs (so it’s gone on a reboot) in /mnt/asec
    (you cannot simply look into /mnt/sdcard/.android_secure directly from the device; but if you use a card reader and attach the card to your PC, you will see the files there have the extension .asec instead of .apk — from which you will get the connection to the name /mnt/asec).
  • the apps data are stored below /data/data/<package_name> (internal storage) or on external storage, if the developer sticks to the rules, below /mnt/sdcard/Android/data/<package_name>.

Source.